Created
October 13, 2023 10:20
-
-
Save kovacs-andras/d91ea2981aa241c77dc09132e9a9554c to your computer and use it in GitHub Desktop.
Volatility2 install for modern Linux kernels on Kali W41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo -i | |
| apt update | |
| apt install \ | |
| build-essential \ | |
| capstone-tool \ | |
| git \ | |
| libcapstone-dev \ | |
| libdistorm3-dev \ | |
| libraw1394-11 \ | |
| pcregrep \ | |
| python2-dev \ | |
| tzdata \ | |
| yara | |
| curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output get-pip.py | |
| python2 get-pip.py | |
| python2 -m pip install -U setuptools wheel | |
| python2 -m pip install -U distorm3 yara pycrypto pillow openpyxl ujson pytz ipython capstone | |
| ln -s /usr/local/lib/python2.7/dist-packages/usr/lib/libyara.so /usr/lib/libyara.so | |
| git clone https://github.com/volatilityfoundation/volatility.git | |
| cd volatility | |
| python2 setup.py -h | |
| python2 setup.py build | |
| python2 setup.py install | |
| cd | |
| vol.py -h | |
| # Patch | |
| # https://github.com/volatilityfoundation/volatility/pull/854 | |
| wget https://raw.githubusercontent.com/volatilityfoundation/volatility/7113c441d74a8fa1b8d5c056e77900e500453287/volatility/dwarf.py \ | |
| -O /usr/local/lib/python2.7/dist-packages/volatility-2.6.1-py2.7.egg/volatility/dwarf.py | |
| # https://github.com/volatilityfoundation/volatility/pull/852 | |
| wget https://raw.githubusercontent.com/volatilityfoundation/volatility/d07c69a7811d8e18ab186c9fbdf5b050529d06d2/volatility/plugins/overlays/linux/linux.py \ | |
| -O /usr/local/lib/python2.7/dist-packages/volatility-2.6.1-py2.7.egg/volatility/plugins/overlays/linux/linux.py |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment